lewis.moe / bspds-sandbox
this repo has no description
fork atom
bspds-sandbox / src / lib.rs
at 4fbd820c05ba18bfb363699d33ae561548d46f79 21 kB view raw
1pub mod api; 2pub mod appview; 3pub mod auth; 4pub mod cache; 5pub mod circuit_breaker; 6pub mod comms; 7pub mod config; 8pub mod crawlers; 9pub mod delegation; 10pub mod handle; 11pub mod image; 12pub mod metrics; 13pub mod moderation; 14pub mod oauth; 15pub mod plc; 16pub mod rate_limit; 17pub mod repo; 18pub mod scheduled; 19pub mod state; 20pub mod storage; 21pub mod sync; 22pub mod util; 23pub mod validation; 24 25use axum::{ 26 Router, 27 extract::DefaultBodyLimit, 28 http::Method, 29 middleware, 30 routing::{any, get, post}, 31}; 32use state::AppState; 33use tower_http::cors::{Any, CorsLayer}; 34use tower_http::services::{ServeDir, ServeFile}; 35 36pub fn app(state: AppState) -> Router { 37 let xrpc_router = Router::new() 38 .route("/_health", get(api::server::health)) 39 .route( 40 "/com.atproto.server.describeServer", 41 get(api::server::describe_server), 42 ) 43 .route( 44 "/com.atproto.server.createAccount", 45 post(api::identity::create_account), 46 ) 47 .route( 48 "/com.atproto.server.createSession", 49 post(api::server::create_session), 50 ) 51 .route( 52 "/com.atproto.server.getSession", 53 get(api::server::get_session), 54 ) 55 .route("/_account.listSessions", get(api::server::list_sessions)) 56 .route("/_account.revokeSession", post(api::server::revoke_session)) 57 .route( 58 "/_account.revokeAllSessions", 59 post(api::server::revoke_all_sessions), 60 ) 61 .route( 62 "/com.atproto.server.deleteSession", 63 post(api::server::delete_session), 64 ) 65 .route( 66 "/com.atproto.server.refreshSession", 67 post(api::server::refresh_session), 68 ) 69 .route( 70 "/com.atproto.server.confirmSignup", 71 post(api::server::confirm_signup), 72 ) 73 .route( 74 "/com.atproto.server.resendVerification", 75 post(api::server::resend_verification), 76 ) 77 .route( 78 "/com.atproto.server.getServiceAuth", 79 get(api::server::get_service_auth), 80 ) 81 .route( 82 "/com.atproto.identity.resolveHandle", 83 get(api::identity::resolve_handle), 84 ) 85 .route( 86 "/com.atproto.repo.createRecord", 87 post(api::repo::create_record), 88 ) 89 .route("/com.atproto.repo.putRecord", post(api::repo::put_record)) 90 .route("/com.atproto.repo.getRecord", get(api::repo::get_record)) 91 .route( 92 "/com.atproto.repo.deleteRecord", 93 post(api::repo::delete_record), 94 ) 95 .route( 96 "/com.atproto.repo.listRecords", 97 get(api::repo::list_records), 98 ) 99 .route( 100 "/com.atproto.repo.describeRepo", 101 get(api::repo::describe_repo), 102 ) 103 .route("/com.atproto.repo.uploadBlob", post(api::repo::upload_blob)) 104 .route( 105 "/com.atproto.repo.applyWrites", 106 post(api::repo::apply_writes), 107 ) 108 .route( 109 "/com.atproto.sync.getLatestCommit", 110 get(sync::get_latest_commit), 111 ) 112 .route("/com.atproto.sync.listRepos", get(sync::list_repos)) 113 .route("/com.atproto.sync.getBlob", get(sync::get_blob)) 114 .route("/com.atproto.sync.listBlobs", get(sync::list_blobs)) 115 .route( 116 "/com.atproto.sync.getRepoStatus", 117 get(sync::get_repo_status), 118 ) 119 .route( 120 "/com.atproto.server.checkAccountStatus", 121 get(api::server::check_account_status), 122 ) 123 .route( 124 "/com.atproto.identity.getRecommendedDidCredentials", 125 get(api::identity::get_recommended_did_credentials), 126 ) 127 .route( 128 "/com.atproto.repo.listMissingBlobs", 129 get(api::repo::list_missing_blobs), 130 ) 131 .route( 132 "/com.atproto.sync.notifyOfUpdate", 133 post(sync::notify_of_update), 134 ) 135 .route("/com.atproto.sync.requestCrawl", post(sync::request_crawl)) 136 .route("/com.atproto.sync.getBlocks", get(sync::get_blocks)) 137 .route("/com.atproto.sync.getRepo", get(sync::get_repo)) 138 .route("/com.atproto.sync.getRecord", get(sync::get_record)) 139 .route( 140 "/com.atproto.sync.subscribeRepos", 141 get(sync::subscribe_repos), 142 ) 143 .route("/com.atproto.sync.getHead", get(sync::get_head)) 144 .route("/com.atproto.sync.getCheckout", get(sync::get_checkout)) 145 .route( 146 "/com.atproto.moderation.createReport", 147 post(api::moderation::create_report), 148 ) 149 .route( 150 "/com.atproto.admin.getAccountInfo", 151 get(api::admin::get_account_info), 152 ) 153 .route( 154 "/com.atproto.admin.getAccountInfos", 155 get(api::admin::get_account_infos), 156 ) 157 .route( 158 "/com.atproto.admin.searchAccounts", 159 get(api::admin::search_accounts), 160 ) 161 .route( 162 "/com.atproto.server.activateAccount", 163 post(api::server::activate_account), 164 ) 165 .route( 166 "/com.atproto.server.deactivateAccount", 167 post(api::server::deactivate_account), 168 ) 169 .route( 170 "/com.atproto.server.requestAccountDelete", 171 post(api::server::request_account_delete), 172 ) 173 .route( 174 "/com.atproto.server.deleteAccount", 175 post(api::server::delete_account), 176 ) 177 .route( 178 "/com.atproto.server.requestPasswordReset", 179 post(api::server::request_password_reset), 180 ) 181 .route( 182 "/com.atproto.server.resetPassword", 183 post(api::server::reset_password), 184 ) 185 .route( 186 "/_account.changePassword", 187 post(api::server::change_password), 188 ) 189 .route( 190 "/_account.removePassword", 191 post(api::server::remove_password), 192 ) 193 .route( 194 "/_account.getPasswordStatus", 195 get(api::server::get_password_status), 196 ) 197 .route( 198 "/_account.getReauthStatus", 199 get(api::server::get_reauth_status), 200 ) 201 .route( 202 "/_account.reauthPassword", 203 post(api::server::reauth_password), 204 ) 205 .route("/_account.reauthTotp", post(api::server::reauth_totp)) 206 .route( 207 "/_account.reauthPasskeyStart", 208 post(api::server::reauth_passkey_start), 209 ) 210 .route( 211 "/_account.reauthPasskeyFinish", 212 post(api::server::reauth_passkey_finish), 213 ) 214 .route( 215 "/_account.getLegacyLoginPreference", 216 get(api::server::get_legacy_login_preference), 217 ) 218 .route( 219 "/_account.updateLegacyLoginPreference", 220 post(api::server::update_legacy_login_preference), 221 ) 222 .route("/_account.updateLocale", post(api::server::update_locale)) 223 .route( 224 "/_account.listTrustedDevices", 225 get(api::server::list_trusted_devices), 226 ) 227 .route( 228 "/_account.revokeTrustedDevice", 229 post(api::server::revoke_trusted_device), 230 ) 231 .route( 232 "/_account.updateTrustedDevice", 233 post(api::server::update_trusted_device), 234 ) 235 .route( 236 "/_account.createPasskeyAccount", 237 post(api::server::create_passkey_account), 238 ) 239 .route( 240 "/_account.startPasskeyRegistrationForSetup", 241 post(api::server::start_passkey_registration_for_setup), 242 ) 243 .route( 244 "/_account.completePasskeySetup", 245 post(api::server::complete_passkey_setup), 246 ) 247 .route( 248 "/_account.requestPasskeyRecovery", 249 post(api::server::request_passkey_recovery), 250 ) 251 .route( 252 "/_account.recoverPasskeyAccount", 253 post(api::server::recover_passkey_account), 254 ) 255 .route( 256 "/_account.updateDidDocument", 257 post(api::server::update_did_document), 258 ) 259 .route( 260 "/_account.getDidDocument", 261 get(api::server::get_did_document), 262 ) 263 .route( 264 "/com.atproto.server.requestEmailUpdate", 265 post(api::server::request_email_update), 266 ) 267 .route( 268 "/_checkEmailVerified", 269 post(api::server::check_email_verified), 270 ) 271 .route( 272 "/com.atproto.server.confirmEmail", 273 post(api::server::confirm_email), 274 ) 275 .route( 276 "/com.atproto.server.updateEmail", 277 post(api::server::update_email), 278 ) 279 .route( 280 "/com.atproto.server.reserveSigningKey", 281 post(api::server::reserve_signing_key), 282 ) 283 .route( 284 "/com.atproto.server.verifyMigrationEmail", 285 post(api::server::verify_migration_email), 286 ) 287 .route( 288 "/com.atproto.server.resendMigrationVerification", 289 post(api::server::resend_migration_verification), 290 ) 291 .route( 292 "/com.atproto.identity.updateHandle", 293 post(api::identity::update_handle), 294 ) 295 .route( 296 "/com.atproto.identity.requestPlcOperationSignature", 297 post(api::identity::request_plc_operation_signature), 298 ) 299 .route( 300 "/com.atproto.identity.signPlcOperation", 301 post(api::identity::sign_plc_operation), 302 ) 303 .route( 304 "/com.atproto.identity.submitPlcOperation", 305 post(api::identity::submit_plc_operation), 306 ) 307 .route("/com.atproto.repo.importRepo", post(api::repo::import_repo)) 308 .route( 309 "/com.atproto.admin.deleteAccount", 310 post(api::admin::delete_account), 311 ) 312 .route( 313 "/com.atproto.admin.updateAccountEmail", 314 post(api::admin::update_account_email), 315 ) 316 .route( 317 "/com.atproto.admin.updateAccountHandle", 318 post(api::admin::update_account_handle), 319 ) 320 .route( 321 "/com.atproto.admin.updateAccountPassword", 322 post(api::admin::update_account_password), 323 ) 324 .route( 325 "/com.atproto.server.listAppPasswords", 326 get(api::server::list_app_passwords), 327 ) 328 .route( 329 "/com.atproto.server.createAppPassword", 330 post(api::server::create_app_password), 331 ) 332 .route( 333 "/com.atproto.server.revokeAppPassword", 334 post(api::server::revoke_app_password), 335 ) 336 .route( 337 "/com.atproto.server.createInviteCode", 338 post(api::server::create_invite_code), 339 ) 340 .route( 341 "/com.atproto.server.createInviteCodes", 342 post(api::server::create_invite_codes), 343 ) 344 .route( 345 "/com.atproto.server.getAccountInviteCodes", 346 get(api::server::get_account_invite_codes), 347 ) 348 .route( 349 "/com.atproto.server.createTotpSecret", 350 post(api::server::create_totp_secret), 351 ) 352 .route( 353 "/com.atproto.server.enableTotp", 354 post(api::server::enable_totp), 355 ) 356 .route( 357 "/com.atproto.server.disableTotp", 358 post(api::server::disable_totp), 359 ) 360 .route( 361 "/com.atproto.server.getTotpStatus", 362 get(api::server::get_totp_status), 363 ) 364 .route( 365 "/com.atproto.server.regenerateBackupCodes", 366 post(api::server::regenerate_backup_codes), 367 ) 368 .route( 369 "/com.atproto.server.startPasskeyRegistration", 370 post(api::server::start_passkey_registration), 371 ) 372 .route( 373 "/com.atproto.server.finishPasskeyRegistration", 374 post(api::server::finish_passkey_registration), 375 ) 376 .route( 377 "/com.atproto.server.listPasskeys", 378 get(api::server::list_passkeys), 379 ) 380 .route( 381 "/com.atproto.server.deletePasskey", 382 post(api::server::delete_passkey), 383 ) 384 .route( 385 "/com.atproto.server.updatePasskey", 386 post(api::server::update_passkey), 387 ) 388 .route( 389 "/com.atproto.admin.getInviteCodes", 390 get(api::admin::get_invite_codes), 391 ) 392 .route("/_admin.getServerStats", get(api::admin::get_server_stats)) 393 .route("/_server.getConfig", get(api::admin::get_server_config)) 394 .route( 395 "/_admin.updateServerConfig", 396 post(api::admin::update_server_config), 397 ) 398 .route( 399 "/com.atproto.admin.disableAccountInvites", 400 post(api::admin::disable_account_invites), 401 ) 402 .route( 403 "/com.atproto.admin.enableAccountInvites", 404 post(api::admin::enable_account_invites), 405 ) 406 .route( 407 "/com.atproto.admin.disableInviteCodes", 408 post(api::admin::disable_invite_codes), 409 ) 410 .route( 411 "/com.atproto.admin.getSubjectStatus", 412 get(api::admin::get_subject_status), 413 ) 414 .route( 415 "/com.atproto.admin.updateSubjectStatus", 416 post(api::admin::update_subject_status), 417 ) 418 .route("/com.atproto.admin.sendEmail", post(api::admin::send_email)) 419 .route( 420 "/app.bsky.actor.getPreferences", 421 get(api::actor::get_preferences), 422 ) 423 .route( 424 "/app.bsky.actor.putPreferences", 425 post(api::actor::put_preferences), 426 ) 427 .route( 428 "/com.atproto.temp.checkSignupQueue", 429 get(api::temp::check_signup_queue), 430 ) 431 .route( 432 "/com.atproto.temp.dereferenceScope", 433 post(api::temp::dereference_scope), 434 ) 435 .route( 436 "/_account.getNotificationPrefs", 437 get(api::notification_prefs::get_notification_prefs), 438 ) 439 .route( 440 "/_account.updateNotificationPrefs", 441 post(api::notification_prefs::update_notification_prefs), 442 ) 443 .route( 444 "/_account.getNotificationHistory", 445 get(api::notification_prefs::get_notification_history), 446 ) 447 .route( 448 "/_account.confirmChannelVerification", 449 post(api::verification::confirm_channel_verification), 450 ) 451 .route("/_account.verifyToken", post(api::server::verify_token)) 452 .route( 453 "/_delegation.listControllers", 454 get(api::delegation::list_controllers), 455 ) 456 .route( 457 "/_delegation.addController", 458 post(api::delegation::add_controller), 459 ) 460 .route( 461 "/_delegation.removeController", 462 post(api::delegation::remove_controller), 463 ) 464 .route( 465 "/_delegation.updateControllerScopes", 466 post(api::delegation::update_controller_scopes), 467 ) 468 .route( 469 "/_delegation.listControlledAccounts", 470 get(api::delegation::list_controlled_accounts), 471 ) 472 .route( 473 "/_delegation.getAuditLog", 474 get(api::delegation::get_audit_log), 475 ) 476 .route( 477 "/_delegation.getScopePresets", 478 get(api::delegation::get_scope_presets), 479 ) 480 .route( 481 "/_delegation.createDelegatedAccount", 482 post(api::delegation::create_delegated_account), 483 ) 484 .route("/_backup.listBackups", get(api::backup::list_backups)) 485 .route("/_backup.getBackup", get(api::backup::get_backup)) 486 .route("/_backup.createBackup", post(api::backup::create_backup)) 487 .route("/_backup.deleteBackup", post(api::backup::delete_backup)) 488 .route("/_backup.setEnabled", post(api::backup::set_backup_enabled)) 489 .route("/_backup.exportBlobs", get(api::backup::export_blobs)) 490 .route( 491 "/app.bsky.ageassurance.getState", 492 get(api::age_assurance::get_state), 493 ) 494 .route( 495 "/app.bsky.unspecced.getAgeAssuranceState", 496 get(api::age_assurance::get_age_assurance_state), 497 ) 498 .route("/{*method}", any(api::proxy::proxy_handler)); 499 500 let oauth_router = Router::new() 501 .route("/jwks", get(oauth::endpoints::oauth_jwks)) 502 .route( 503 "/client-metadata.json", 504 get(oauth::endpoints::frontend_client_metadata), 505 ) 506 .route("/par", post(oauth::endpoints::pushed_authorization_request)) 507 .route("/authorize", get(oauth::endpoints::authorize_get)) 508 .route("/authorize", post(oauth::endpoints::authorize_post)) 509 .route( 510 "/authorize/accounts", 511 get(oauth::endpoints::authorize_accounts), 512 ) 513 .route( 514 "/authorize/select", 515 post(oauth::endpoints::authorize_select), 516 ) 517 .route("/authorize/2fa", get(oauth::endpoints::authorize_2fa_get)) 518 .route("/authorize/2fa", post(oauth::endpoints::authorize_2fa_post)) 519 .route( 520 "/authorize/passkey", 521 get(oauth::endpoints::authorize_passkey_start), 522 ) 523 .route( 524 "/authorize/passkey", 525 post(oauth::endpoints::authorize_passkey_finish), 526 ) 527 .route( 528 "/passkey/check", 529 get(oauth::endpoints::check_user_has_passkeys), 530 ) 531 .route( 532 "/security-status", 533 get(oauth::endpoints::check_user_security_status), 534 ) 535 .route("/passkey/start", post(oauth::endpoints::passkey_start)) 536 .route("/passkey/finish", post(oauth::endpoints::passkey_finish)) 537 .route("/authorize/deny", post(oauth::endpoints::authorize_deny)) 538 .route("/authorize/consent", get(oauth::endpoints::consent_get)) 539 .route("/authorize/consent", post(oauth::endpoints::consent_post)) 540 .route("/delegation/auth", post(oauth::endpoints::delegation_auth)) 541 .route( 542 "/delegation/totp", 543 post(oauth::endpoints::delegation_totp_verify), 544 ) 545 .route("/token", post(oauth::endpoints::token_endpoint)) 546 .route("/revoke", post(oauth::endpoints::revoke_token)) 547 .route("/introspect", post(oauth::endpoints::introspect_token)); 548 549 let well_known_router = Router::new() 550 .route("/did.json", get(api::identity::well_known_did)) 551 .route("/atproto-did", get(api::identity::well_known_atproto_did)) 552 .route( 553 "/oauth-protected-resource", 554 get(oauth::endpoints::oauth_protected_resource), 555 ) 556 .route( 557 "/oauth-authorization-server", 558 get(oauth::endpoints::oauth_authorization_server), 559 ); 560 561 let router = Router::new() 562 .nest("/xrpc", xrpc_router) 563 .nest("/oauth", oauth_router) 564 .route("/metrics", get(metrics::metrics_handler)) 565 .route("/health", get(api::server::health)) 566 .route("/robots.txt", get(api::server::robots_txt)) 567 .route("/logo", get(api::server::get_logo)) 568 .route("/u/{handle}/did.json", get(api::identity::user_did_doc)) 569 .layer(DefaultBodyLimit::max(util::get_max_blob_size())) 570 .layer(middleware::from_fn(metrics::metrics_middleware)) 571 .layer( 572 CorsLayer::new() 573 .allow_origin(Any) 574 .allow_methods([Method::GET, Method::POST, Method::OPTIONS]) 575 .allow_headers(Any), 576 ) 577 .with_state(state); 578 579 let frontend_dir = 580 std::env::var("FRONTEND_DIR").unwrap_or_else(|_| "./frontend/dist".to_string()); 581 if std::path::Path::new(&frontend_dir) 582 .join("index.html") 583 .exists() 584 { 585 let index_path = format!("{}/index.html", frontend_dir); 586 let homepage_path = format!("{}/homepage.html", frontend_dir); 587 588 let homepage_exists = std::path::Path::new(&homepage_path).exists(); 589 let homepage_file = if homepage_exists { 590 homepage_path 591 } else { 592 index_path.clone() 593 }; 594 595 let spa_router = Router::new().fallback_service(ServeFile::new(&index_path)); 596 597 let serve_dir = ServeDir::new(&frontend_dir).not_found_service(ServeFile::new(&index_path)); 598 599 router 600 .route_service("/", ServeFile::new(&homepage_file)) 601 .nest("/app", spa_router) 602 .fallback_service(serve_dir); 603 } 604 605 router 606}